• Title/Abstract/Keywords: Security Tactics

Search results: 54 (processing time: 0.019 s)

Compatibility Analysis Between Security Tactics and Broker Architecture Pattern

  • 김순태
    • 한국인터넷방송통신학회논문지 / Vol. 15, No. 4 / pp.19-24 / 2015
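  • Security is one of the major concerns in software development. Security tactics are reusable building blocks for solving security problems at the architectural level, and they are often used together with architectural patterns, which are general solutions for establishing the structure of a software system. However, architectural tactics within an architectural pattern are usually understood only conceptually, without a concrete understanding of how the participants of the pattern and the tactics should be designed together structurally and behaviorally. In this paper, we present a model-based representation of the security tactics that can be used with the Broker pattern, one of the representative architectural patterns, and introduce a concrete case of how this concept has been applied in the real world.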

The Specification of Air-to-Air Combat Tactics Using UML Sequence Diagram

  • 박명환;오지현;김천영;설현주
    • 한국군사과학기술학회지 / Vol. 24, No. 6 / pp.664-675 / 2021
  • Air force air-to-air combat tactics are occurring at a high speed in three-dimensional space. The specification of the tactics requires dealing with quite a lot of information, which makes it a challenge to accurately describe the maneuvering procedure of the tactics. The specification of air-to-air tactics using natural languages is not suitable because of the intrinsic ambiguity of natural languages. Therefore, this paper proposes an approach of using UML Sequence Diagram to describe air-to-air combat tactics. Since the current Sequence Diagram notation is not sufficient to express all aspects of the tactics, we extend the syntax of the Sequence Diagram to accommodate the required features of air-to-air combat tactics. We evaluate the applicability of the extended Sequence Diagram to air-to-air combat tactics using a case example, that is, the manned-unmanned teaming combat tactic. The result shows that Sequence Diagram specification is more advantageous than natural language specification in terms of readability, conciseness, and accuracy. However, the expressiveness of the Sequence Diagram is evaluated to be less powerful than natural language, requiring further study to address this issue.

The Development of Air Escort Tactics for High-Value Airborne Assets Using Manned-Unmanned Teaming and the Study on Effective Force Disposition Using M&S

  • 박명환;유승훈;오지현;설현주
    • 한국군사과학기술학회지 / Vol. 25, No. 4 / pp.401-411 / 2022
  • As the role of high-value air assets (e.g., AWACS, JSTARS, Rivet Joint, E-2) becomes more critical in modern warfare, the air escort for these assets blocking attacks from any potential enemy fighter also becomes vital. Without the escort, the operations of the assets become restricted. However, such an escort is not always possible due to the limited flight time of the escort fighters. In this paper, we introduce an escort tactic for high-value air assets performed by the manned-unmanned teaming composed of a transport aircraft and UAVs (unmanned aerial vehicles). In this tactic, the transport aircraft plays the role of an aircraft carrier, which carries, launches, and retrieves the UAVs. The missions of UAVs in this tactic are to detect and engage enemy fighters. We also introduce the simulation result of this tactic to identify the UAVs' required capabilities and optimal maneuvering.

Efforts against Cybersecurity Attack of Space Systems

  • Jin-Keun Hong
    • Journal of Positioning, Navigation, and Timing / Vol. 12, No. 4 / pp.437-445 / 2023
  • A space system refers to a network of sensors, ground systems, and space-craft operating in space. The security of space systems relies on information systems and networks that support the design, launch, and operation of space missions. Characteristics of space operations, including command and control (C2) between space-craft (including satellites) and ground communication, also depend on wireless frequency and communication channels. Attackers can potentially engage in malicious activities such as destruction, disruption, and degradation of systems, networks, communication channels, and space operations. These malicious cyber activities include sensor spoofing, system damage, denial of service attacks, jamming of unauthorized commands, and injection of malicious code. Such activities ultimately lead to a decrease in the lifespan and functionality of space systems, and may result in damage to space-craft and lead to loss of control. The Cybersecurity Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) matrix, proposed by Massachusetts Institute of Technology Research and Engineering (MITRE), consists of the following stages: Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command & Control, Exfiltration, and Impact. This paper identifies cybersecurity activities in space systems and satellite navigation systems through the National Institute of Standards and Technology (NIST)'s standard documents, former U.S. President Trump's executive orders, and presents risk management activities. This paper also explores cybersecurity attack tactics and techniques within the context of space systems (space-craft) by referencing the Sparta ATT&CK Matrix.
    In this paper, security threats in space systems are analyzed, focusing on the cybersecurity attack tactics, techniques, and countermeasures of space-craft presented by Space Attack Research and Tactic Analysis (SPARTA). Through this study, cybersecurity attack tactics, techniques, and countermeasures existing in space-craft are identified, and an understanding of the direction of application in the design and implementation of safe small satellites is provided.

Detection of Political Manipulation through Unsupervised Learning

  • Lee, Sihyung
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 13, No. 4 / pp.1825-1844 / 2019
  • Political campaigns circulate manipulative opinions in online communities to implant false beliefs and eventually win elections. Not only is this type of manipulation unfair, it also has long-lasting negative impacts on people's lives. Existing tools detect political manipulation based on a supervised classifier, which is accurate when trained with large labeled data. However, preparing this data becomes an excessive burden and must be repeated often to reflect changing manipulation tactics. We propose a practical detection system that requires moderate groundwork to achieve a sufficient level of accuracy. The proposed system groups opinions with similar properties into clusters, and then labels a few opinions from each cluster to build a classifier. It also models each opinion with features deduced from raw data with no additional processing. To validate the system, we collected over a million opinions during three nation-wide campaigns in South Korea. The system reduced groundwork from 200K to nearly 200 labeling tasks, and correctly identified over 90% of manipulative opinions. The system also effectively identified transitions in manipulative tactics over time. We suggest that online communities perform periodic audits using the proposed system to highlight manipulative opinions and emerging tactics.

Social Engineering Attack Characteristics and Countermeasure Strategies of Major Threat Countries

  • 김지원
    • 융합보안논문지 / Vol. 23, No. 5 / pp.165-172 / 2023
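  • Social engineering attacks between nations are carried out steadily because they are a highly efficient means of gaining an advantage with respect to secret information, diplomatic negotiations, or future policy changes. As the Ukraine-Russia war drags on, the activity of global hacking organizations is steadily increasing, and attempts at large-scale cyberattacks against critical infrastructure and global companies continue, so a countermeasure strategy is needed. To this end, judging that the social engineering cycle that excludes physical contact is the most suitable of the various social engineering attack models, we analyzed the social engineering attack methods preferred by the major threat countries through case analysis, comparing them with geopolitical tactics. As a result, China prefers phishing attacks that favor quantity over quality, like human wave tactics; Russia prefers covert and complex spear phishing reminiscent of espionage operations; and North Korea applied geopolitical tactics through spear phishing and watering holes in attacks on the United States and South Korea, while for other countries the goal was mostly to secure funds through ransomware. Accordingly, we propose as countermeasure strategies a Clean Path policy for China, periodic mandatory training for Russia, and international sanctions for North Korea.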

Human Action Recognition Using Deep Data: A Fine-Grained Study

  • Rao, D. Surendra;Potturu, Sudharsana Rao;Bhagyaraju, V
    • International Journal of Computer Science & Network Security / Vol. 22, No. 6 / pp.97-108 / 2022
  • The video-assisted human action recognition [1] field is one of the most active ones in computer vision research. Since the depth data [2] obtained by Kinect cameras has more benefits than traditional RGB data, research on human action detection has recently increased because of the Kinect camera. We conducted a systematic study of strategies for recognizing human activity based on deep data in this article. All methods are grouped into deep map tactics and skeleton tactics. A comparison of some of the more traditional strategies is also covered. We then examined the specifics of different depth behavior databases and provided a straightforward distinction between them. We address the advantages and disadvantages of depth and skeleton-based techniques in this discussion.

The Korea's indiscretion in maritime-terrorism and the counter plan

  • 박준석;박유덕;김기상
    • 한국재난정보학회 논문집 / Vol. 3, No. 2 / pp.79-93 / 2007
  • With the international urgency of the terror situation, many methods of terror techniques and skills are appearing, and more intense and threatening terror is breaking out not only in the air (plane) but also in the sea (ship). Korea is surrounded by 3 sides of sea and is a proud maritime nation that should advance to foreign countries through the sea because South Korea and North Korea are confronting. Korea depends on maritime transportation for 99.7% of its exported and imported material resources. Therefore, acquisition of marine safety has a great effect on national security and economic life. On the high tension of the situation about the threat and possibility of maritime terrorism, the potential ways of the improvement policy for counter-tactics against big maritime terror are the following. First, we should construct a clear and well-organized network for accurate information about maritime terrorism. Second, we should have the information of all domestic and foreign passenger ships. Third, national important facilities such as atomic energy plants, thermo-electric power plants, and shipyards need policies to manage all emergency situations. Fourth, government authorities should improve tactic abilities by competing with support and budget inside of the nation as well as outside of the nation. To develop big maritime terror of our country, we will have to hold cooperative training & tactics contests of big maritime terror by cooperating educational industry organizations with similar institutes, improve the ability of members of big terror, and acquire tactics information by excavating and exchanging new techniques through tactics seminars and public hearings.

Cyber Kill Chain-Based Taxonomy of Advanced Persistent Threat Actors: Analogy of Tactics, Techniques, and Procedures

  • Bahrami, Pooneh Nikkhah;Dehghantanha, Ali;Dargahi, Tooska;Parizi, Reza M.;Choo, Kim-Kwang Raymond;Javadi, Hamid H.S.
    • Journal of Information Processing Systems / Vol. 15, No. 4 / pp.865-889 / 2019
  • The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

Defense Strategy of Network Security based on Dynamic Classification

  • Wei, Jinxia;Zhang, Ru;Liu, Jianyi;Niu, Xinxin;Yang, Yixian
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 9, No. 12 / pp.5116-5134 / 2015
  • In this paper, because network security defense is mainly static defense, a dynamic classification network security defense strategy model is proposed by analyzing the security situation of complex computer network. According to the network security impact parameters, eight security elements and classification standard are obtained. At the same time, the dynamic classification algorithm based on fuzzy theory is also presented. The experimental analysis results show that the proposed model and algorithm are feasible and effective. The model is a good way to solve a safety problem that the static defense cannot cope with tactics and lack of dynamic change.